- Dec 29, 2013
It's a suboptimal design from a personal privacy perspective; however, extremely useful for businesses to have to manage their fleet. It's hardened and intel (and amd with the psp) likely are not giving the feds backdoors. Although they likely have built and signed a compromised version for the NSA with the intent exemption of it only being used in lab/forensic scenarios. China, Russia, etc that deploy intel boxes at scale probably verify the firmware as part of oob. Also, that's why china pours so much money into homegrown x86 and riscv shit - even though that stuff is still kinda garbage, it's open and you can be sure the US doesn't have their hooks into it.I am NOT jumping into this pool of spergery, but I got curious and started doing some research on ME today.
There's lots of resources available, and hacker conferences about messing with it.
The long story short is that if it were malicious, you would not expect it to be designed the way it is. It's a modular system and different parts can be turned off (and by that I mean completely wiped out) independently without interfering with the boot process. It's not tamperproof in the way that you would expect an espionage system to be. On newer generations it can be turned off easily(ish) if you have the right equipment.
Despite all the claims I've heard, it's not encrypted, just encoded to save space. People have gotten around this without too much headache.
I am NOT making the claim that it's not a backdoor. I am saying that it's a very oddly designed backdoor if it is one.
The NSA probably has some good intel ME exploits that they sit on and deploy against iran, best korea.
I think most privacy experts are more nervous about the precedent, than the actual implementation.